https://community.nxp.com/t5/i-MX-Processors/Encrypted-storage-with-TrustZone/m-p/1511665#M194269 <P>Hi&nbsp;<a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/125208">@brucezhao</a>&nbsp;</P> <P>OP-TEE itself is secure world, which should be able to access CAAM.&nbsp;AN12714 here mainly uses the kernel module DM-Crypt, which uses CAAM's secure key to implement disk encryption, and does not implement the requirements you mentioned.</P> <P>Best regards</P> <P>Harvey</P> <P>Harvey</P> <P>&nbsp;</P> Thu, 25 Aug 2022 10:03:56 GMT Harvey021 2022-08-25T10:03:56Z https://community.nxp.com/t5/i-MX-Processors/Encrypted-storage-with-TrustZone/m-p/1509358#M194097 <P>Hi,&nbsp;</P><P>&nbsp; &nbsp;&nbsp;AN12714 (i.MX Encrypted Storage Using CAAM Secure Keys) document describes Encrypted storage with CAAM.</P><P>&nbsp; &nbsp; My question is that if I want to use CSU(Central Security Unit) to limit only OP-TEE can access CAAM, then CAAM can not be accessed by Normal world directly. I mean how to implement encrypted storage with OP-TEE, which uses OTPMK as root key by CAAM.&nbsp;</P><P>&nbsp; &nbsp; Thanks.&nbsp;</P> Mon, 22 Aug 2022 08:40:41 GMT https://community.nxp.com/t5/i-MX-Processors/Encrypted-storage-with-TrustZone/m-p/1509358#M194097 brucezhao 2022-08-22T08:40:41Z https://community.nxp.com/t5/i-MX-Processors/Encrypted-storage-with-TrustZone/m-p/1511665#M194269 <P>Hi&nbsp;<a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/125208">@brucezhao</a>&nbsp;</P> <P>OP-TEE itself is secure world, which should be able to access CAAM.&nbsp;AN12714 here mainly uses the kernel module DM-Crypt, which uses CAAM's secure key to implement disk encryption, and does not implement the requirements you mentioned.</P> <P>Best regards</P> <P>Harvey</P> <P>Harvey</P> <P>&nbsp;</P> Thu, 25 Aug 2022 10:03:56 GMT https://community.nxp.com/t5/i-MX-Processors/Encrypted-storage-with-TrustZone/m-p/1511665#M194269 Harvey021 2022-08-25T10:03:56Z https://community.nxp.com/t5/i-MX-Processors/Encrypted-storage-with-TrustZone/m-p/1513714#M194435 <P>Hi Harvey, I got it. Thank you for your reply.&nbsp;</P> Tue, 30 Aug 2022 07:58:43 GMT https://community.nxp.com/t5/i-MX-Processors/Encrypted-storage-with-TrustZone/m-p/1513714#M194435 brucezhao 2022-08-30T07:58:43Z